About PBKDF2

Password-Based Key Derivation Function 2 (PBKDF2) makes it harder for someone to determine your Master Password by making repeated guesses in a brute force attack. 1Password uses PBKDF2 in the process of deriving encryption keys from your Master Password. PBKDF2 requires many computations to get from the Master Password to the key. Anyone trying to automatically guess a Master Password has to perform those same calculations.

PBKDF2 prevents password cracking tools from making optimal use of graphics processing units (GPUs), thus reducing guess rates from hundreds of thousands of guesses per second to fewer than a few tens of thousands of guesses per second.

How 1Password uses PBKDF2

1Password has always used PBKDF2, but the implementation is different depending on whether you use a 1Password account or a standalone vault.

1Password accounts

1Password accounts use PBKDF2-HMAC-SHA256 for key derivation. All accounts are created using 100,000 iterations.

Password cracking attempts are effectively rendered impossible because your Master Password is combined with your Secret Key, which is only on your own devices. A good Master Password is still needed to protect you from an attacker who acquires your encrypted 1Password data from your own device. Learn how to choose a good Master Password.

OPVault

OPVault uses PBKDF2-HMAC-SHA512 for key derivation. The number of iterations depends on the processing power of your machine and is calibrated when you create a vault or change its Master Password. The minimum number of iterations is 10,000 but may be much higher.
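The calibration described above can be sketched as follows. This is an added example, not 1Password's own code: the target delay, probe size, salt length and 64-byte output length are assumptions, and the optional ceiling mirrors the bounded ranges this page lists for later Agile Keychain versions.

```python
import hashlib
import os
import time

MIN_ITERATIONS = 10_000      # OPVault minimum stated on this page
TARGET_SECONDS = 0.25        # assumed target unlock delay, not from the page
PROBE_ITERATIONS = 10_000    # assumed size of the timing probe


def calibrate_iterations(target_seconds=TARGET_SECONDS,
                         floor=MIN_ITERATIONS, ceiling=None):
    """Pick an iteration count that takes about target_seconds on this machine."""
    # Time a fixed-size probe derivation with throwaway inputs.
    start = time.perf_counter()
    hashlib.pbkdf2_hmac("sha512", b"calibration probe", b"\x00" * 16,
                        PROBE_ITERATIONS)
    elapsed = max(time.perf_counter() - start, 1e-6)  # guard against zero

    # PBKDF2 cost is linear in the iteration count, so scale the probe.
    estimate = int(PROBE_ITERATIONS * target_seconds / elapsed)

    # Never go below the floor, however slow the machine is.
    iterations = max(estimate, floor)
    if ceiling is not None:
        iterations = min(iterations, ceiling)
    return iterations


def derive_key(master_password, salt, iterations, length=64):
    """PBKDF2-HMAC-SHA512 over the UTF-8 password; returns raw key bytes."""
    if iterations < MIN_ITERATIONS:
        raise ValueError("iteration count below the minimum")
    return hashlib.pbkdf2_hmac("sha512", master_password.encode("utf-8"),
                               salt, iterations, dklen=length)


if __name__ == "__main__":
    salt = os.urandom(16)    # constructed sample salt (length is an assumption)
    n = calibrate_iterations()
    key = derive_key("correct horse battery staple", salt, n)  # sample password
    # The salt and iteration count must be stored with the vault so the
    # same key can be re-derived at unlock time.
    print(n, len(key))
```

Because the count is clamped to the floor, a slow machine pays a longer unlock delay and never gets a weaker derivation.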

Agile Keychain

The retired Agile Keychain format uses PBKDF2-HMAC-SHA1 for key derivation. The number of iterations depends on the version of 1Password used to create the vault and the processing power of the machine where it was created.

1Password for Mac 3.9 (September 2011): All versions of 1Password for Mac from the Mac App Store calibrate the number of PBKDF2 iterations on initial setup and on Master Password change. A minimum of 10,000 iterations is used.

1Password for Mac 3.8.21 (April 2013): Keychains created with 10,000 PBKDF2 iterations. On a Master Password change, iterations will be increased from 1,000 to 10,000 if necessary.

1Password for Mac 4 (October 2013) will still create Agile Keychain format data under some circumstances. For both OPVault and Agile Keychain it will calibrate the number of PBKDF2 iterations on initial setup and on Master Password change. A minimum of 10,000 iterations is used.

1Password for Mac 4.2 (March 2014): Keychains created with a minimum of 25,000 iterations and a maximum of 100,000. On a Master Password change, iterations will be re-calibrated.

1Password for Mac 5 (October 2014): Keychains created with a minimum of 40,000 iterations and a maximum of 100,000. On Master Password change, iterations will be re-calibrated.